<?php
session_start();
//检查用户是否存在
//检查密码
$username = $_POST['Username'];
$password = $_POST['Password'];

$sql = 'select * from `account` WHERE `Username`=\'' .str_replace("''",'',$username).'\'';
$sqli = new mysqli('localhost','root','','mybolg');
$rs = $sqli->query($sql);
$row = $rs->fetch_assoc();
var_dump($sql);

if(!$row) echo "用户名不存在<br/>";
else{
    $passwordIndb = $row["Password"];
    if($passwordIndb!=$password){
        echo "密码错误<br/>";
    }else{
        //让服务器记住，当前这个访问者已经验证过的用户名密码
        $_SESSION["user"] = $row;
        echo "登录成功";
        $url = "adminlist.html";
        Header("Location: $url");
    }
}
?>
    

